Mailing List ArchivesAuthenticated access |
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesAuthenticated access |
|
|
Greetings, I have a condor cluster where one system is both the submission machine and central manager and it just struck me that because of default host-based auth, it means all users on the system can use admin-level condor commands (such as condor_userprio).
I am going to see about moving submission to its own system since that simplifies the auth piece, however I wonder if there is another easy way to restrict it so that only root can use admin commands, and all the other users cannot. I tried looking into setting
up one of the authn /authz setups like Kerberos since that is what we use for system login, but I cannot get it to work, plus I don’t think it would work with the local root account anyway. Any suggestions as to what I can use to restrict admin commands to
just root? Thanks. (running version 8.8 btw) ------------------------------------- Gianni Pezzarossi Computational System Analyst User Services:Research Engineering IT Shared Services University of Illinois @ Urbana-Champaign |